Class: Gcloud::Bigquery::Dataset::Access

Inherits:

Object

• Object
• Gcloud::Bigquery::Dataset::Access

Defined in:

lib/gcloud/bigquery/dataset/access.rb

Overview

# Dataset Access Control

Represents the Access rules for a Gcloud::Bigquery::Dataset.

Examples:

require "gcloud"

gcloud = Gcloud.new
bigquery = gcloud.bigquery
dataset = bigquery.dataset "my_dataset"

dataset.access do |access|
  access.add_owner_group "owners@example.com"
  access.add_writer_user "writer@example.com"
  access.remove_writer_user "readers@example.com"
  access.add_reader_special :all
  access.add_reader_view other_dataset_view_object
end

See Also:

• BigQuery Access Control

Constant Summary

ROLES =

{ "reader" => "READER",
"writer" => "WRITER",
"owner"  => "OWNER" }

SCOPES =

{ "user"           => "userByEmail",
"user_by_email"  => "userByEmail",
"userByEmail"    => "userByEmail",
"group"          => "groupByEmail",
"group_by_email" => "groupByEmail",
"groupByEmail"   => "groupByEmail",
"domain"         => "domain",
"special"        => "specialGroup",
"special_group"  => "specialGroup",
"specialGroup"   => "specialGroup",
"view"           => "view" }

GROUPS =

{ "owners"                  => "projectOwners",
"project_owners"          => "projectOwners",
"projectOwners"           => "projectOwners",
"readers"                 => "projectReaders",
"project_readers"         => "projectReaders",
"projectReaders"          => "projectReaders",
"writers"                 => "projectWriters",
"project_writers"         => "projectWriters",
"projectWriters"          => "projectWriters",
"all"                     => "allAuthenticatedUsers",
"all_authenticated_users" => "allAuthenticatedUsers",
"allAuthenticatedUsers"   => "allAuthenticatedUsers" }

Instance Attribute Summary

• #access ⇒ Object readonly

Instance Method Summary

• #add_owner_domain(domain) ⇒ Object

  Add owner access to a domain.

• #add_owner_group(email) ⇒ Object

  Add owner access to a group.

• #add_owner_special(group) ⇒ Object

  Add owner access to a special group.

• #add_owner_user(email) ⇒ Object

  Add owner access to a user.

• #add_owner_view(view) ⇒ Object

  Add owner access to a view.

• #add_reader_domain(domain) ⇒ Object

  Add reader access to a domain.

• #add_reader_group(email) ⇒ Object

  Add reader access to a group.

• #add_reader_special(group) ⇒ Object

  Add reader access to a special group.

• #add_reader_user(email) ⇒ Object

  Add reader access to a user.

• #add_reader_view(view) ⇒ Object

  Add reader access to a view.

• #add_writer_domain(domain) ⇒ Object

  Add writer access to a domain.

• #add_writer_group(email) ⇒ Object

  Add writer access to a group.

• #add_writer_special(group) ⇒ Object

  Add writer access to a special group.

• #add_writer_user(email) ⇒ Object

  Add writer access to a user.

• #add_writer_view(view) ⇒ Object

  Add writer access to a view.

• #changed? ⇒ Boolean
• #initialize(access, context) ⇒ Access constructor

  Initialized a new Access object.

• #owner_domain?(domain) ⇒ Boolean

  Checks owner access for a domain.

• #owner_group?(email) ⇒ Boolean

  Checks owner access for a group.

• #owner_special?(group) ⇒ Boolean

  Checks owner access for a special group.

• #owner_user?(email) ⇒ Boolean

  Checks owner access for a user.

• #owner_view?(view) ⇒ Boolean

  Checks owner access for a view.

• #reader_domain?(domain) ⇒ Boolean

  Checks reader access for a domain.

• #reader_group?(email) ⇒ Boolean

  Checks reader access for a group.

• #reader_special?(group) ⇒ Boolean

  Checks reader access for a special group.

• #reader_user?(email) ⇒ Boolean

  Checks reader access for a user.

• #reader_view?(view) ⇒ Boolean

  Checks reader access for a view.

• #remove_owner_domain(domain) ⇒ Object

  Remove owner access from a domain.

• #remove_owner_group(email) ⇒ Object

  Remove owner access from a group.

• #remove_owner_special(group) ⇒ Object

  Remove owner access from a special group.

• #remove_owner_user(email) ⇒ Object

  Remove owner access from a user.

• #remove_owner_view(view) ⇒ Object

  Remove owner access from a view.

• #remove_reader_domain(domain) ⇒ Object

  Remove reader access from a domain.

• #remove_reader_group(email) ⇒ Object

  Remove reader access from a group.

• #remove_reader_special(group) ⇒ Object

  Remove reader access from a special group.

• #remove_reader_user(email) ⇒ Object

  Remove reader access from a user.

• #remove_reader_view(view) ⇒ Object

  Remove reader access from a view.

• #remove_writer_domain(domain) ⇒ Object

  Remove writer access from a domain.

• #remove_writer_group(email) ⇒ Object

  Remove writer access from a group.

• #remove_writer_special(group) ⇒ Object

  Remove writer access from a special group.

• #remove_writer_user(email) ⇒ Object

  Remove writer access from a user.

• #remove_writer_view(view) ⇒ Object

  Remove writer access from a view.

• #writer_domain?(domain) ⇒ Boolean

  Checks writer access for a domain.

• #writer_group?(email) ⇒ Boolean

  Checks writer access for a group.

• #writer_special?(group) ⇒ Boolean

  Checks writer access for a special group.

• #writer_user?(email) ⇒ Boolean

  Checks writer access for a user.

• #writer_view?(view) ⇒ Boolean

  Checks writer access for a view.

Constructor Details

#initialize(access, context) ⇒ Access

Initialized a new Access object. Must provide a valid Dataset object.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 82

def initialize access, context
  @original   = access.dup
  @access     = access.dup
  @context    = context
end

Instance Attribute Details

#access ⇒ Object (readonly)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 76

def access
  @access
end

Instance Method Details

#add_owner_domain(domain) ⇒ Object

Add owner access to a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 179

def add_owner_domain domain
  add_access_role_scope_value :owner, :domain, domain
end

#add_owner_group(email) ⇒ Object

Add owner access to a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 173

def add_owner_group email
  add_access_role_scope_value :owner, :group, email
end

#add_owner_special(group) ⇒ Object

Add owner access to a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 186

def add_owner_special group
  add_access_role_scope_value :owner, :special, group
end

#add_owner_user(email) ⇒ Object

Add owner access to a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 167

def add_owner_user email
  add_access_role_scope_value :owner, :user, email
end

#add_owner_view(view) ⇒ Object

Add owner access to a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 197

def add_owner_view view
  add_access_role_scope_value :owner, :view, view
end

#add_reader_domain(domain) ⇒ Object

Add reader access to a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 107

def add_reader_domain domain
  add_access_role_scope_value :reader, :domain, domain
end

#add_reader_group(email) ⇒ Object

Add reader access to a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 101

def add_reader_group email
  add_access_role_scope_value :reader, :group, email
end

#add_reader_special(group) ⇒ Object

Add reader access to a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 114

def add_reader_special group
  add_access_role_scope_value :reader, :special, group
end

#add_reader_user(email) ⇒ Object

Add reader access to a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 95

def add_reader_user email
  add_access_role_scope_value :reader, :user, email
end

#add_reader_view(view) ⇒ Object

Add reader access to a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 125

def add_reader_view view
  add_access_role_scope_value :reader, :view, view
end

#add_writer_domain(domain) ⇒ Object

Add writer access to a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 143

def add_writer_domain domain
  add_access_role_scope_value :writer, :domain, domain
end

#add_writer_group(email) ⇒ Object

Add writer access to a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 137

def add_writer_group email
  add_access_role_scope_value :writer, :group, email
end

#add_writer_special(group) ⇒ Object

Add writer access to a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 150

def add_writer_special group
  add_access_role_scope_value :writer, :special, group
end

#add_writer_user(email) ⇒ Object

Add writer access to a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 131

def add_writer_user email
  add_access_role_scope_value :writer, :user, email
end

#add_writer_view(view) ⇒ Object

Add writer access to a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 161

def add_writer_view view
  add_access_role_scope_value :writer, :view, view
end

#changed? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 89

def changed?
  @original != @access
end

#owner_domain?(domain) ⇒ Boolean

Checks owner access for a domain.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 395

def owner_domain? domain
  lookup_access_role_scope_value :owner, :domain, domain
end

#owner_group?(email) ⇒ Boolean

Checks owner access for a group.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 389

def owner_group? email
  lookup_access_role_scope_value :owner, :group, email
end

#owner_special?(group) ⇒ Boolean

Checks owner access for a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 402

def owner_special? group
  lookup_access_role_scope_value :owner, :special, group
end

#owner_user?(email) ⇒ Boolean

Checks owner access for a user.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 383

def owner_user? email
  lookup_access_role_scope_value :owner, :user, email
end

#owner_view?(view) ⇒ Boolean

Checks owner access for a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 413

def owner_view? view
  lookup_access_role_scope_value :owner, :view, view
end

#reader_domain?(domain) ⇒ Boolean

Checks reader access for a domain.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 323

def reader_domain? domain
  lookup_access_role_scope_value :reader, :domain, domain
end

#reader_group?(email) ⇒ Boolean

Checks reader access for a group.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 317

def reader_group? email
  lookup_access_role_scope_value :reader, :group, email
end

#reader_special?(group) ⇒ Boolean

Checks reader access for a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 330

def reader_special? group
  lookup_access_role_scope_value :reader, :special, group
end

#reader_user?(email) ⇒ Boolean

Checks reader access for a user.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 311

def reader_user? email
  lookup_access_role_scope_value :reader, :user, email
end

#reader_view?(view) ⇒ Boolean

Checks reader access for a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 341

def reader_view? view
  lookup_access_role_scope_value :reader, :view, view
end

#remove_owner_domain(domain) ⇒ Object

Remove owner access from a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 287

def remove_owner_domain domain
  remove_access_role_scope_value :owner, :domain, domain
end

#remove_owner_group(email) ⇒ Object

Remove owner access from a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 281

def remove_owner_group email
  remove_access_role_scope_value :owner, :group, email
end

#remove_owner_special(group) ⇒ Object

Remove owner access from a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 294

def remove_owner_special group
  remove_access_role_scope_value :owner, :special, group
end

#remove_owner_user(email) ⇒ Object

Remove owner access from a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 275

def remove_owner_user email
  remove_access_role_scope_value :owner, :user, email
end

#remove_owner_view(view) ⇒ Object

Remove owner access from a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 305

def remove_owner_view view
  remove_access_role_scope_value :owner, :view, view
end

#remove_reader_domain(domain) ⇒ Object

Remove reader access from a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 215

def remove_reader_domain domain
  remove_access_role_scope_value :reader, :domain, domain
end

#remove_reader_group(email) ⇒ Object

Remove reader access from a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 209

def remove_reader_group email
  remove_access_role_scope_value :reader, :group, email
end

#remove_reader_special(group) ⇒ Object

Remove reader access from a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 222

def remove_reader_special group
  remove_access_role_scope_value :reader, :special, group
end

#remove_reader_user(email) ⇒ Object

Remove reader access from a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 203

def remove_reader_user email
  remove_access_role_scope_value :reader, :user, email
end

#remove_reader_view(view) ⇒ Object

Remove reader access from a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 233

def remove_reader_view view
  remove_access_role_scope_value :reader, :view, view
end

#remove_writer_domain(domain) ⇒ Object

Remove writer access from a domain.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 251

def remove_writer_domain domain
  remove_access_role_scope_value :writer, :domain, domain
end

#remove_writer_group(email) ⇒ Object

Remove writer access from a group.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 245

def remove_writer_group email
  remove_access_role_scope_value :writer, :group, email
end

#remove_writer_special(group) ⇒ Object

Remove writer access from a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 258

def remove_writer_special group
  remove_access_role_scope_value :writer, :special, group
end

#remove_writer_user(email) ⇒ Object

Remove writer access from a user.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 239

def remove_writer_user email
  remove_access_role_scope_value :writer, :user, email
end

#remove_writer_view(view) ⇒ Object

Remove writer access from a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

# File 'lib/gcloud/bigquery/dataset/access.rb', line 269

def remove_writer_view view
  remove_access_role_scope_value :writer, :view, view
end

#writer_domain?(domain) ⇒ Boolean

Checks writer access for a domain.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 359

def writer_domain? domain
  lookup_access_role_scope_value :writer, :domain, domain
end

#writer_group?(email) ⇒ Boolean

Checks writer access for a group.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 353

def writer_group? email
  lookup_access_role_scope_value :writer, :group, email
end

#writer_special?(group) ⇒ Boolean

Checks writer access for a special group. Accepted values are ‘owners`, `writers`, `readers`, and `all`.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 366

def writer_special? group
  lookup_access_role_scope_value :writer, :special, group
end

#writer_user?(email) ⇒ Boolean

Checks writer access for a user.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 347

def writer_user? email
  lookup_access_role_scope_value :writer, :user, email
end

#writer_view?(view) ⇒ Boolean

Checks writer access for a view. The view can be a Gcloud::Bigquery::View object, or a string identifier as specified by the [Query Reference](cloud.google.com/bigquery/query-reference#from): project_name:datasetId.tableId.

Returns:

• (Boolean)

# File 'lib/gcloud/bigquery/dataset/access.rb', line 377

def writer_view? view
  lookup_access_role_scope_value :writer, :view, view
end